SlideShare a Scribd company logo

Shanghai Breakout: Access Management with Aruba ClearPass

Download as PPTX, PDF
Aruba, a Hewlett Packard Enterprise company
Aruba, a Hewlett Packard Enterprise company

The document discusses how Aruba ClearPass provides adaptive network access policies through context-based authentication and authorization. It describes how ClearPass collects contextual information from various sources to make policy decisions. This context includes attributes about the user, device, location, authentication method, and more. ClearPass then maps collected context to roles and enforces policies based on matching roles and device posture to take actions like sending Radius responses, updating firewall rules, or triggering remediation. The adaptive policies allow for a more coordinated approach to security, operations, and user experience.

1 of 34
Access Management with Aruba ClearPass Austin Hawthorne December 12th, 2014
CONFIDENTIAL © Copyright 2014. Aruba Networks, Inc. All rights reserved 2 #AirheadsConf Agenda Defining Adaptive Policies Context Collection Leveraging Context in NAC Policies Enhancing User Experience, Operations, and Security with Context
3 CONFIDENTIAL © Copyright 2014. Aruba Networks, Inc. All rights reserved #AirheadsConf Why Adaptive Policies? THEN Predictable Desk Access NOW Access from Anywhere
4 CONFIDENTIAL © Copyright 2014. Aruba Networks, Inc. All rights reserved #AirheadsConf Deciphering Context for Policy Decisions Jailbroken phone? BYOD? Guest? Office? Device type? Firewall enabled? Employee? Skim milk? Policies must adapt to conditions
5 CONFIDENTIAL © Copyright 2014. Aruba Networks, Inc. All rights reserved #AirheadsConf Common Security Questions • Is this a corporate device or a personal device connecting to my wireless network with my employee’s account information? • Is this a Printer or Computer connecting to my wired network without 802.1x? • How do I keep corporate devices off the Guest SSID? • I trust my corporate assets, but I need to be able to check the compliance of Contractor computers when they connect, and restrict them from using mobile devices, how?
6 CONFIDENTIAL © Copyright 2014. Aruba Networks, Inc. All rights reserved #AirheadsConf Adaptive Trust: Context Collection
7 Device & type CONFIDENTIAL © Copyright 2014. Aruba Networks, Inc. All rights reserved Access type App traffic & behavior #AirheadsConf The Heart of an Adaptive Trust Decision User & role Ownership - IT or BYOD Usable Context Device assessment Location - Secure or open access Auth type - credentials or certificate Session rules Time-of-day / Day-of-Week
8 CONFIDENTIAL © Copyright 2014. Aruba Networks, Inc. All rights reserved #AirheadsConf Sources of Usable Context Device Profiling • Samsung SM-G900 • Android • “Jons-Galaxy” EMM/MDM • Personal owned • Registered • OS up-to-date • Hansen, Jon [Sales] • MDM enabled = true • In-compliance = true Identity Stores Enforcement Points • Hansen, Jon [Sales] • Title – COO • Dept – Executive office • City – London • Location – Bldg 10 • Floor – 3 • Bandwidth – 10Mbps
Adaptive Trust 9 CONFIDENTIAL © Copyright 2014. Aruba Networks, Inc. All rights reserved #AirheadsConf Sources of Usable Context Device Profiling • Samsung SM-G900 • Android • “Jons-Galaxy” EMM/MDM • Personal owned • Registered • OS up-to-date • Hansen, Jon [Sales] • MDM enabled = true • In-compliance = true Identity Stores Enforcement Points • Hansen, Jon [Sales] • Title – COO • Dept – Executive office • City – London • Location – Bldg 10 • Floor – 3 • Bandwidth – 10Mbps Identity • Hansen, Jon [Sales] • COO, Executive Office • London • Personal Owned • Samsung SM-G900 • Android 4.4, Knox • MDM enabled = true • In-compliance = true • At Bldg 10, floor 3 • 21:22GMT, 21/12/14
10 CONFIDENTIAL © Copyright 2014. Aruba Networks, Inc. All rights reserved #AirheadsConf Context Sources • External: • Network Devices • Radius/TACACS • AD/LDAP • SAML/OAUTH2/Okta • Radius • Kerberos • Token Servers • SQL Databases • MDM Systems • Aruba Activate • HTTP • Internal: • Endpoint DB • Profiling information from: • DHCP • HTTP • SNMP • IOS Device Sensor • ActiveSync • OnGuard • Onboard • Insight DB • Session/State Information • Guest User/Device DB • Date/Time • LocalUser DB
11 CONFIDENTIAL © Copyright 2014. Aruba Networks, Inc. All rights reserved #AirheadsConf Context Examples
Adaptive Trust: Leverage Context in Policy 12 CONFIDENTIAL © Copyright 2014. Aruba Networks, Inc. All rights reserved #AirheadsConf Decisions
13 CONFIDENTIAL © Copyright 2014. Aruba Networks, Inc. All rights reserved #AirheadsConf Adaptive Policy Driven by Context Corporate Tablet BYOD Tablet Authentication EAP-TLS SSID CORP-SECURE Authentication EAP-TLS SSID CORP-SECURE Internet Only Internet and Corporate Apps
14 CONFIDENTIAL © Copyright 2014. Aruba Networks, Inc. All rights reserved #AirheadsConf ClearPass Policy Model – AuthN vs AuthZ ClearPass Policy Manager AD/LDAP Guest Insight Endpoint Onboard Service Matching SQL MDM HTTP Authentication Authorization Role Mapping Enforcement Username = Bob Mac Address = XYZ SSID = Secure Location = Building 1 Request = Radius Response = Radius - Accept - Reject - Attributes Added Context: MDM Enrolled = True Device Type = iPad Owner = Bob Required Apps = True Active Sessions = 2 AD Group = Exec Corp Asset = True
15 CONFIDENTIAL © Copyright 2014. Aruba Networks, Inc. All rights reserved #AirheadsConf Role-Mapping • Role-Mapping used to filter collected contextual data into “tags” (roles) that can be used for enforcement conditions. • “Select All” vs “Select First” condition matching • Careful of the “AND” “OR” conditons • Available Options: • Radius/TACACS Attributes • Authentication Attributes • Authorization Attributes (from any source) • Certificate Attributes • Endpoint Attributes • Date/Time Attributes
16 CONFIDENTIAL © Copyright 2014. Aruba Networks, Inc. All rights reserved #AirheadsConf Sample Role Mapping Device Context Auth Context User Context Cert Context Onboard Context MDM Context
17 CONFIDENTIAL © Copyright 2014. Aruba Networks, Inc. All rights reserved #AirheadsConf Enforcement Policies • Condition based rules to determine which enforcement profile(s) to use. • Can signal multiple actions, more on that later. • Leverages “Roles” assigned during Role- Mapping. • Leverages “Posture” token assigned during posture check. • Typically a top down, “First Match” rule matching algorithm.
18 CONFIDENTIAL © Copyright 2014. Aruba Networks, Inc. All rights reserved #AirheadsConf Sample Enforcement Policy Using Roles for User and Device Using Roles and Posture Enforcement Policy
19 CONFIDENTIAL © Copyright 2014. Aruba Networks, Inc. All rights reserved #AirheadsConf Enforcement Profiles • Profiles are essentially the enforcement “actions” you want to signal based on the set conditions. • Multiple Types of Enforcement Profiles: • Radius • Radius CoA • SNMP • CLI • HTTP • Entity Update • OnGuard Agent • TACACS
Adaptive Trust: Security, Operational, and User 20 CONFIDENTIAL © Copyright 2014. Aruba Networks, Inc. All rights reserved #AirheadsConf Experience Advantages
21 CONFIDENTIAL © Copyright 2014. Aruba Networks, Inc. All rights reserved #AirheadsConf Security Disconnect Who: Bob Group: Faculty Device: Personal iPad Location: Room 104 Time: 9am, Monday Compliance: Healthy VPN AAA/NAC DHCP/DNS AD/LDAP Network Applications Ticketing System Proxy/Filter Network Mgmt FW ? ? ? ? ?
• User can’t connect to the 22 CONFIDENTIAL © Copyright 2014. Aruba Networks, Inc. All rights reserved #AirheadsConf User and Operational Disconnect VPN AAA/NAC DHCP/DNS AD/LDAP Network Applications Ticketing System Proxy/Filter Network Mgmt FW X X network • User application access is slow or disconnects • Where does the problem exist? • When do you know about the problem? • Where do you start? ? ? ? ? ? ? ? ? ? ? ?
Time for a New Perimeter Defense Model 23 Firewalls CONFIDENTIAL © Copyright 2014. Aruba Networks, Inc. All rights reserved EMM/MDM #AirheadsConf Perimeter Defense IDS/IPS Mobility Defense Firewalls Access Policy Management IDS/IPS/AV Enforcement Points Physical A/V Web gateways Policy needed for central point of control
24 CONFIDENTIAL © Copyright 2014. Aruba Networks, Inc. All rights reserved #AirheadsConf Security and Usability Coordination VPN ClearPass DHCP/DNS AD/LDAP Network Applications Ticketing System Proxy/Filter Network Mgmt FW Who: Bob Group: Faculty Device: Personal iPad Location: Room 104 Time: 9am, Monday Compliance: Healthy Mac Address: X IP Address: Y Airgroup Permissions What if when the user connects: - Update the FW - Update the IPAM - Update the Proxy - Logon the application - Update the WLAN
25 CONFIDENTIAL © Copyright 2014. Aruba Networks, Inc. All rights reserved #AirheadsConf User Self Service VPN ClearPass DHCP/DNS AD/LDAP Network Applications Ticketing System Proxy/Filter Network Mgmt FW Self Service: - BYOD Portal - Device/Guest Registration - Device Access Management - Auto-Remediation - Notification Pages
26 CONFIDENTIAL © Copyright 2014. Aruba Networks, Inc. All rights reserved #AirheadsConf Operational Integration VPN ClearPass DHCP/DNS AD/LDAP Network Applications Ticketing System Proxy/Filter Network Mgmt FW - Auto Open Help Desk Ticket - Notify User - Integration into Network Management
27 CONFIDENTIAL © Copyright 2014. Aruba Networks, Inc. All rights reserved #AirheadsConf Integration Options • “Built In” Integration • MDM Actions • Palo Alto HIP Updates • Syslog • Splunk App • CEF/LEEF Support (Future) • Radius Proxy (future) • Inbound API • Web Pages: • OnGuard DA, OnBoard, Device/User Registration, Notification/Warning • “Build your own” Integration • ClearPass Exchange • REST/XML Based API
Mitigating Risks using 3rd Party Integration 28 Syslog Messages CONFIDENTIAL © Copyright 2014. Aruba Networks, Inc. All rights reserved ClearPass denies access to device #AirheadsConf ClearPass Exchange Jail-broken device detected Helpdesk ticket auto generated Message to device auto generated 1. 3. 2. RESTful APIs Adaptive Trust Identity Jailbreak example
29 CONFIDENTIAL © Copyright 2014. Aruba Networks, Inc. All rights reserved #AirheadsConf Enforcement Example Radius Action to force notification page Send user SMS notification Update Palo Alto Firewall Open Help Desk Ticket Sound the alarm! Send Email to security team
30 CONFIDENTIAL © Copyright 2014. Aruba Networks, Inc. All rights reserved #AirheadsConf Dynamic Content based on Context • Device, User, and Posture context can be pulled into actions and web pages. • Leverages “NameSpace” variables in enforcement actions and web login pages.
31 CONFIDENTIAL © Copyright 2014. Aruba Networks, Inc. All rights reserved #AirheadsConf NameSpaces in ClearPass • Almost all of the “context” that is collected by ClearPass can be called up and used via dynamic “namespace” variables. • For example: • %{Endpoint:Model} • %{Radius:Aruba:Aruba-Location-Id} • %{Authentication:Full-Username} • These can be used in role mapping, enforcement profiles and policies, auth source filters/queries, etc in place of static variables. • When used, the value is replaced with information pertaining to that device or user dynamically
32 CONFIDENTIAL © Copyright 2014. Aruba Networks, Inc. All rights reserved #AirheadsConf Conclusion
33 CONFIDENTIAL © Copyright 2014. Aruba Networks, Inc. All rights reserved #AirheadsConf NameSpaces in ClearPass • Context is the foundation of ClearPass • More contextual sources than any other vendor! • Ability to share context with more vendors than our competitors! • Context provides for greater security, visibility, and flexibility to support ever-changing #GenMobile environment. • Please check out the “Secure Air” booth during your break for a demonstration of these principles in action!
Thank You 34 #AirheadsConf CONFIDENTIAL © Copyright 2014. Aruba Networks, Inc. All rights reserved

Recommended

Advanced ClearPass Workshop
Advanced ClearPass WorkshopAdvanced ClearPass Workshop
Advanced ClearPass Workshop
Aruba, a Hewlett Packard Enterprise company
 
Advanced Aruba ClearPass Workshop
Advanced Aruba ClearPass WorkshopAdvanced Aruba ClearPass Workshop
Advanced Aruba ClearPass Workshop
Aruba, a Hewlett Packard Enterprise company
 
Advanced Access Management with Aruba ClearPass #AirheadsConf Italy
Advanced Access Management with Aruba ClearPass #AirheadsConf ItalyAdvanced Access Management with Aruba ClearPass #AirheadsConf Italy
Advanced Access Management with Aruba ClearPass #AirheadsConf Italy
Aruba, a Hewlett Packard Enterprise company
 
Access Management with Aruba ClearPass #AirheadsConf Italy
Access Management with Aruba ClearPass #AirheadsConf ItalyAccess Management with Aruba ClearPass #AirheadsConf Italy
Access Management with Aruba ClearPass #AirheadsConf Italy
Aruba, a Hewlett Packard Enterprise company
 
Access Management with Aruba ClearPass
Access Management with Aruba ClearPassAccess Management with Aruba ClearPass
Access Management with Aruba ClearPass
Aruba, a Hewlett Packard Enterprise company
 
Defining Advanced AAA Policies for Access Networks
Defining Advanced AAA Policies for Access NetworksDefining Advanced AAA Policies for Access Networks
Defining Advanced AAA Policies for Access Networks
Aruba, a Hewlett Packard Enterprise company
 
ClearPass design scenarios that solve the toughest security policy requirements
ClearPass design scenarios that solve the toughest security policy requirementsClearPass design scenarios that solve the toughest security policy requirements
ClearPass design scenarios that solve the toughest security policy requirements
Aruba, a Hewlett Packard Enterprise company
 
Shanghai Breakout: Advanced Airwave Workshop
Shanghai Breakout: Advanced Airwave WorkshopShanghai Breakout: Advanced Airwave Workshop
Shanghai Breakout: Advanced Airwave Workshop
Aruba, a Hewlett Packard Enterprise company
 

Recommended

Advanced ClearPass Workshop
Advanced ClearPass WorkshopAdvanced ClearPass Workshop
Advanced ClearPass Workshop
Aruba, a Hewlett Packard Enterprise company
 
Advanced Aruba ClearPass Workshop
Advanced Aruba ClearPass WorkshopAdvanced Aruba ClearPass Workshop
Advanced Aruba ClearPass Workshop
Aruba, a Hewlett Packard Enterprise company
 
Advanced Access Management with Aruba ClearPass #AirheadsConf Italy
Advanced Access Management with Aruba ClearPass #AirheadsConf ItalyAdvanced Access Management with Aruba ClearPass #AirheadsConf Italy
Advanced Access Management with Aruba ClearPass #AirheadsConf Italy
Aruba, a Hewlett Packard Enterprise company
 
Access Management with Aruba ClearPass #AirheadsConf Italy
Access Management with Aruba ClearPass #AirheadsConf ItalyAccess Management with Aruba ClearPass #AirheadsConf Italy
Access Management with Aruba ClearPass #AirheadsConf Italy
Aruba, a Hewlett Packard Enterprise company
 
Access Management with Aruba ClearPass
Access Management with Aruba ClearPassAccess Management with Aruba ClearPass
Access Management with Aruba ClearPass
Aruba, a Hewlett Packard Enterprise company
 
Defining Advanced AAA Policies for Access Networks
Defining Advanced AAA Policies for Access NetworksDefining Advanced AAA Policies for Access Networks
Defining Advanced AAA Policies for Access Networks
Aruba, a Hewlett Packard Enterprise company
 
ClearPass design scenarios that solve the toughest security policy requirements
ClearPass design scenarios that solve the toughest security policy requirementsClearPass design scenarios that solve the toughest security policy requirements
ClearPass design scenarios that solve the toughest security policy requirements
Aruba, a Hewlett Packard Enterprise company
 
Shanghai Breakout: Advanced Airwave Workshop
Shanghai Breakout: Advanced Airwave WorkshopShanghai Breakout: Advanced Airwave Workshop
Shanghai Breakout: Advanced Airwave Workshop
Aruba, a Hewlett Packard Enterprise company
 
Aruba Atmosphere / Airheads 2014 Keerti Melkote Keynote
Aruba Atmosphere / Airheads 2014 Keerti Melkote KeynoteAruba Atmosphere / Airheads 2014 Keerti Melkote Keynote
Aruba Atmosphere / Airheads 2014 Keerti Melkote Keynote
Aruba, a Hewlett Packard Enterprise company
 
Real-world 802.1X Deployment Challenges
Real-world 802.1X Deployment ChallengesReal-world 802.1X Deployment Challenges
Real-world 802.1X Deployment Challenges
Aruba, a Hewlett Packard Enterprise company
 
EMEA Airheads - Aruba Central- Managing Networks from the Cloud
EMEA Airheads - Aruba Central- Managing Networks from the CloudEMEA Airheads - Aruba Central- Managing Networks from the Cloud
EMEA Airheads - Aruba Central- Managing Networks from the Cloud
Aruba, a Hewlett Packard Enterprise company
 
Secure Enterprise Mobility
Secure Enterprise MobilitySecure Enterprise Mobility
Secure Enterprise Mobility
Aruba, a Hewlett Packard Enterprise company
 
Breakout - Airheads Macau 2013 - ClearPass Access Management Basics
Breakout - Airheads Macau 2013 - ClearPass Access Management Basics Breakout - Airheads Macau 2013 - ClearPass Access Management Basics
Breakout - Airheads Macau 2013 - ClearPass Access Management Basics
Aruba, a Hewlett Packard Enterprise company
 
2012 ah vegas guest access fundamentals
2012 ah vegas guest access fundamentals2012 ah vegas guest access fundamentals
2012 ah vegas guest access fundamentals
Aruba, a Hewlett Packard Enterprise company
 
Wireless LAN Security Fundamentals #AirheadsConf Italy
Wireless LAN Security Fundamentals #AirheadsConf ItalyWireless LAN Security Fundamentals #AirheadsConf Italy
Wireless LAN Security Fundamentals #AirheadsConf Italy
Aruba, a Hewlett Packard Enterprise company
 
ClearPass Guest Overview
ClearPass Guest Overview ClearPass Guest Overview
ClearPass Guest Overview
Aruba, a Hewlett Packard Enterprise company
 
Shanghai Breakout: Location Analytics – Key Considerations and Use Cases
Shanghai Breakout: Location Analytics – Key Considerations and Use CasesShanghai Breakout: Location Analytics – Key Considerations and Use Cases
Shanghai Breakout: Location Analytics – Key Considerations and Use Cases
Aruba, a Hewlett Packard Enterprise company
 
ARUBA - Remote Branch-networking-fundamentals-2014
ARUBA - Remote Branch-networking-fundamentals-2014ARUBA - Remote Branch-networking-fundamentals-2014
ARUBA - Remote Branch-networking-fundamentals-2014
Marcello Marchesini
 
Cisco switch setup with cppm v1.2
Cisco switch setup with cppm v1.2Cisco switch setup with cppm v1.2
Cisco switch setup with cppm v1.2
Aruba, a Hewlett Packard Enterprise company
 
Building an aruba proof of concept lab javier urtubia
Building an aruba proof of concept lab javier urtubiaBuilding an aruba proof of concept lab javier urtubia
Building an aruba proof of concept lab javier urtubia
Aruba, a Hewlett Packard Enterprise company
 
Advanced Aruba Airwave Workshop #AirheadsConf Italy
Advanced Aruba Airwave Workshop #AirheadsConf ItalyAdvanced Aruba Airwave Workshop #AirheadsConf Italy
Advanced Aruba Airwave Workshop #AirheadsConf Italy
Aruba, a Hewlett Packard Enterprise company
 
Clear pass policy manager advanced_ashwath murthy
Clear pass policy manager advanced_ashwath murthyClear pass policy manager advanced_ashwath murthy
Clear pass policy manager advanced_ashwath murthy
Aruba, a Hewlett Packard Enterprise company
 
Self-Registration, Policy & Branding for Guest Access #AirheadsConf Italy
Self-Registration, Policy & Branding for Guest Access #AirheadsConf ItalySelf-Registration, Policy & Branding for Guest Access #AirheadsConf Italy
Self-Registration, Policy & Branding for Guest Access #AirheadsConf Italy
Aruba, a Hewlett Packard Enterprise company
 
Security advanced rich langston_jon green
Security advanced rich langston_jon greenSecurity advanced rich langston_jon green
Security advanced rich langston_jon green
Aruba, a Hewlett Packard Enterprise company
 
Mobile Devices and Wi-Fi
Mobile Devices and Wi-FiMobile Devices and Wi-Fi
Mobile Devices and Wi-Fi
Aruba, a Hewlett Packard Enterprise company
 
2012 ah vegas wlan design fundamentals
2012 ah vegas wlan design fundamentals2012 ah vegas wlan design fundamentals
2012 ah vegas wlan design fundamentals
Aruba, a Hewlett Packard Enterprise company
 
A-to-Z design guide for the all-wireless workplace
A-to-Z design guide for the all-wireless workplaceA-to-Z design guide for the all-wireless workplace
A-to-Z design guide for the all-wireless workplace
Aruba, a Hewlett Packard Enterprise company
 
Network Management with Aruba Airwave #AirheadsConf Italy
Network Management with Aruba Airwave #AirheadsConf ItalyNetwork Management with Aruba Airwave #AirheadsConf Italy
Network Management with Aruba Airwave #AirheadsConf Italy
Aruba, a Hewlett Packard Enterprise company
 
Aruba Networks at WFD6
Aruba Networks at WFD6 Aruba Networks at WFD6
Aruba Networks at WFD6
Aruba, a Hewlett Packard Enterprise company
 
Remote & Branch Networking Fundamentals #AirheadsConf Italy
Remote & Branch Networking Fundamentals #AirheadsConf ItalyRemote & Branch Networking Fundamentals #AirheadsConf Italy
Remote & Branch Networking Fundamentals #AirheadsConf Italy
Aruba, a Hewlett Packard Enterprise company
 

More Related Content

What's hot

Aruba Atmosphere / Airheads 2014 Keerti Melkote Keynote
Aruba Atmosphere / Airheads 2014 Keerti Melkote KeynoteAruba Atmosphere / Airheads 2014 Keerti Melkote Keynote
Aruba Atmosphere / Airheads 2014 Keerti Melkote Keynote
Aruba, a Hewlett Packard Enterprise company
 
Real-world 802.1X Deployment Challenges
Real-world 802.1X Deployment ChallengesReal-world 802.1X Deployment Challenges
Real-world 802.1X Deployment Challenges
Aruba, a Hewlett Packard Enterprise company
 
EMEA Airheads - Aruba Central- Managing Networks from the Cloud
EMEA Airheads - Aruba Central- Managing Networks from the CloudEMEA Airheads - Aruba Central- Managing Networks from the Cloud
EMEA Airheads - Aruba Central- Managing Networks from the Cloud
Aruba, a Hewlett Packard Enterprise company
 
Secure Enterprise Mobility
Secure Enterprise MobilitySecure Enterprise Mobility
Secure Enterprise Mobility
Aruba, a Hewlett Packard Enterprise company
 
Breakout - Airheads Macau 2013 - ClearPass Access Management Basics
Breakout - Airheads Macau 2013 - ClearPass Access Management Basics Breakout - Airheads Macau 2013 - ClearPass Access Management Basics
Breakout - Airheads Macau 2013 - ClearPass Access Management Basics
Aruba, a Hewlett Packard Enterprise company
 
2012 ah vegas guest access fundamentals
2012 ah vegas guest access fundamentals2012 ah vegas guest access fundamentals
2012 ah vegas guest access fundamentals
Aruba, a Hewlett Packard Enterprise company
 
Wireless LAN Security Fundamentals #AirheadsConf Italy
Wireless LAN Security Fundamentals #AirheadsConf ItalyWireless LAN Security Fundamentals #AirheadsConf Italy
Wireless LAN Security Fundamentals #AirheadsConf Italy
Aruba, a Hewlett Packard Enterprise company
 
ClearPass Guest Overview
ClearPass Guest Overview ClearPass Guest Overview
ClearPass Guest Overview
Aruba, a Hewlett Packard Enterprise company
 
Shanghai Breakout: Location Analytics – Key Considerations and Use Cases
Shanghai Breakout: Location Analytics – Key Considerations and Use CasesShanghai Breakout: Location Analytics – Key Considerations and Use Cases
Shanghai Breakout: Location Analytics – Key Considerations and Use Cases
Aruba, a Hewlett Packard Enterprise company
 
ARUBA - Remote Branch-networking-fundamentals-2014
ARUBA - Remote Branch-networking-fundamentals-2014ARUBA - Remote Branch-networking-fundamentals-2014
ARUBA - Remote Branch-networking-fundamentals-2014
Marcello Marchesini
 
Cisco switch setup with cppm v1.2
Cisco switch setup with cppm v1.2Cisco switch setup with cppm v1.2
Cisco switch setup with cppm v1.2
Aruba, a Hewlett Packard Enterprise company
 
Building an aruba proof of concept lab javier urtubia
Building an aruba proof of concept lab javier urtubiaBuilding an aruba proof of concept lab javier urtubia
Building an aruba proof of concept lab javier urtubia
Aruba, a Hewlett Packard Enterprise company
 
Advanced Aruba Airwave Workshop #AirheadsConf Italy
Advanced Aruba Airwave Workshop #AirheadsConf ItalyAdvanced Aruba Airwave Workshop #AirheadsConf Italy
Advanced Aruba Airwave Workshop #AirheadsConf Italy
Aruba, a Hewlett Packard Enterprise company
 
Clear pass policy manager advanced_ashwath murthy
Clear pass policy manager advanced_ashwath murthyClear pass policy manager advanced_ashwath murthy
Clear pass policy manager advanced_ashwath murthy
Aruba, a Hewlett Packard Enterprise company
 
Self-Registration, Policy & Branding for Guest Access #AirheadsConf Italy
Self-Registration, Policy & Branding for Guest Access #AirheadsConf ItalySelf-Registration, Policy & Branding for Guest Access #AirheadsConf Italy
Self-Registration, Policy & Branding for Guest Access #AirheadsConf Italy
Aruba, a Hewlett Packard Enterprise company
 
Security advanced rich langston_jon green
Security advanced rich langston_jon greenSecurity advanced rich langston_jon green
Security advanced rich langston_jon green
Aruba, a Hewlett Packard Enterprise company
 
Mobile Devices and Wi-Fi
Mobile Devices and Wi-FiMobile Devices and Wi-Fi
Mobile Devices and Wi-Fi
Aruba, a Hewlett Packard Enterprise company
 
2012 ah vegas wlan design fundamentals
2012 ah vegas wlan design fundamentals2012 ah vegas wlan design fundamentals
2012 ah vegas wlan design fundamentals
Aruba, a Hewlett Packard Enterprise company
 
A-to-Z design guide for the all-wireless workplace
A-to-Z design guide for the all-wireless workplaceA-to-Z design guide for the all-wireless workplace
A-to-Z design guide for the all-wireless workplace
Aruba, a Hewlett Packard Enterprise company
 
Network Management with Aruba Airwave #AirheadsConf Italy
Network Management with Aruba Airwave #AirheadsConf ItalyNetwork Management with Aruba Airwave #AirheadsConf Italy
Network Management with Aruba Airwave #AirheadsConf Italy
Aruba, a Hewlett Packard Enterprise company
 

What's hot (20)

Aruba Atmosphere / Airheads 2014 Keerti Melkote Keynote
Aruba Atmosphere / Airheads 2014 Keerti Melkote KeynoteAruba Atmosphere / Airheads 2014 Keerti Melkote Keynote
Aruba Atmosphere / Airheads 2014 Keerti Melkote Keynote
 
Real-world 802.1X Deployment Challenges
Real-world 802.1X Deployment ChallengesReal-world 802.1X Deployment Challenges
Real-world 802.1X Deployment Challenges
 
EMEA Airheads - Aruba Central- Managing Networks from the Cloud
EMEA Airheads - Aruba Central- Managing Networks from the CloudEMEA Airheads - Aruba Central- Managing Networks from the Cloud
EMEA Airheads - Aruba Central- Managing Networks from the Cloud
 
Secure Enterprise Mobility
Secure Enterprise MobilitySecure Enterprise Mobility
Secure Enterprise Mobility
 
Breakout - Airheads Macau 2013 - ClearPass Access Management Basics
Breakout - Airheads Macau 2013 - ClearPass Access Management Basics Breakout - Airheads Macau 2013 - ClearPass Access Management Basics
Breakout - Airheads Macau 2013 - ClearPass Access Management Basics
 
2012 ah vegas guest access fundamentals
2012 ah vegas guest access fundamentals2012 ah vegas guest access fundamentals
2012 ah vegas guest access fundamentals
 
Wireless LAN Security Fundamentals #AirheadsConf Italy
Wireless LAN Security Fundamentals #AirheadsConf ItalyWireless LAN Security Fundamentals #AirheadsConf Italy
Wireless LAN Security Fundamentals #AirheadsConf Italy
 
ClearPass Guest Overview
ClearPass Guest Overview ClearPass Guest Overview
ClearPass Guest Overview
 
Shanghai Breakout: Location Analytics – Key Considerations and Use Cases
Shanghai Breakout: Location Analytics – Key Considerations and Use CasesShanghai Breakout: Location Analytics – Key Considerations and Use Cases
Shanghai Breakout: Location Analytics – Key Considerations and Use Cases
 
ARUBA - Remote Branch-networking-fundamentals-2014
ARUBA - Remote Branch-networking-fundamentals-2014ARUBA - Remote Branch-networking-fundamentals-2014
ARUBA - Remote Branch-networking-fundamentals-2014
 
Cisco switch setup with cppm v1.2
Cisco switch setup with cppm v1.2Cisco switch setup with cppm v1.2
Cisco switch setup with cppm v1.2
 
Building an aruba proof of concept lab javier urtubia
Building an aruba proof of concept lab javier urtubiaBuilding an aruba proof of concept lab javier urtubia
Building an aruba proof of concept lab javier urtubia
 
Advanced Aruba Airwave Workshop #AirheadsConf Italy
Advanced Aruba Airwave Workshop #AirheadsConf ItalyAdvanced Aruba Airwave Workshop #AirheadsConf Italy
Advanced Aruba Airwave Workshop #AirheadsConf Italy
 
Clear pass policy manager advanced_ashwath murthy
Clear pass policy manager advanced_ashwath murthyClear pass policy manager advanced_ashwath murthy
Clear pass policy manager advanced_ashwath murthy
 
Self-Registration, Policy & Branding for Guest Access #AirheadsConf Italy
Self-Registration, Policy & Branding for Guest Access #AirheadsConf ItalySelf-Registration, Policy & Branding for Guest Access #AirheadsConf Italy
Self-Registration, Policy & Branding for Guest Access #AirheadsConf Italy
 
Security advanced rich langston_jon green
Security advanced rich langston_jon greenSecurity advanced rich langston_jon green
Security advanced rich langston_jon green
 
Mobile Devices and Wi-Fi
Mobile Devices and Wi-FiMobile Devices and Wi-Fi
Mobile Devices and Wi-Fi
 
2012 ah vegas wlan design fundamentals
2012 ah vegas wlan design fundamentals2012 ah vegas wlan design fundamentals
2012 ah vegas wlan design fundamentals
 
A-to-Z design guide for the all-wireless workplace
A-to-Z design guide for the all-wireless workplaceA-to-Z design guide for the all-wireless workplace
A-to-Z design guide for the all-wireless workplace
 
Network Management with Aruba Airwave #AirheadsConf Italy
Network Management with Aruba Airwave #AirheadsConf ItalyNetwork Management with Aruba Airwave #AirheadsConf Italy
Network Management with Aruba Airwave #AirheadsConf Italy
 

Viewers also liked

Aruba Networks at WFD6
Aruba Networks at WFD6 Aruba Networks at WFD6
Aruba Networks at WFD6
Aruba, a Hewlett Packard Enterprise company
 
Remote & Branch Networking Fundamentals #AirheadsConf Italy
Remote & Branch Networking Fundamentals #AirheadsConf ItalyRemote & Branch Networking Fundamentals #AirheadsConf Italy
Remote & Branch Networking Fundamentals #AirheadsConf Italy
Aruba, a Hewlett Packard Enterprise company
 
IDC Aruba Webinar - 3 Feb 15
IDC Aruba Webinar - 3 Feb 15IDC Aruba Webinar - 3 Feb 15
IDC Aruba Webinar - 3 Feb 15
Aruba, a Hewlett Packard Enterprise company
 
Customer Keynote - Microsoft Lync
Customer Keynote - Microsoft LyncCustomer Keynote - Microsoft Lync
Customer Keynote - Microsoft Lync
Aruba, a Hewlett Packard Enterprise company
 
Aruba Technical Webinar: Unplugging the Last Cord
Aruba Technical Webinar: Unplugging the Last CordAruba Technical Webinar: Unplugging the Last Cord
Aruba Technical Webinar: Unplugging the Last Cord
Aruba, a Hewlett Packard Enterprise company
 
Make Your Own Meridian Mobile App Workshop #AirheadsConf Italy
Make Your Own Meridian Mobile App Workshop #AirheadsConf ItalyMake Your Own Meridian Mobile App Workshop #AirheadsConf Italy
Make Your Own Meridian Mobile App Workshop #AirheadsConf Italy
Aruba, a Hewlett Packard Enterprise company
 
WLAN Design for Location, Voice & Video
WLAN Design for Location, Voice & VideoWLAN Design for Location, Voice & Video
WLAN Design for Location, Voice & Video
Aruba, a Hewlett Packard Enterprise company
 
Shanghai Breakout: 802.11ac Wi-Fi Fundamentals
Shanghai Breakout: 802.11ac Wi-Fi FundamentalsShanghai Breakout: 802.11ac Wi-Fi Fundamentals
Shanghai Breakout: 802.11ac Wi-Fi Fundamentals
Aruba, a Hewlett Packard Enterprise company
 
Aruba Instant Workshop #AirheadsConf Italy
Aruba Instant Workshop #AirheadsConf ItalyAruba Instant Workshop #AirheadsConf Italy
Aruba Instant Workshop #AirheadsConf Italy
Aruba, a Hewlett Packard Enterprise company
 
Adaptive Trust Security
Adaptive Trust SecurityAdaptive Trust Security
Adaptive Trust Security
Aruba, a Hewlett Packard Enterprise company
 
Breakout - Airheads Macau 2013 - Cloud WiFi
Breakout - Airheads Macau 2013 - Cloud WiFiBreakout - Airheads Macau 2013 - Cloud WiFi
Breakout - Airheads Macau 2013 - Cloud WiFi
Aruba, a Hewlett Packard Enterprise company
 
Advanced Aruba Mobility Access Switch Workshop #AirheadsConf Italy
Advanced Aruba Mobility Access Switch Workshop #AirheadsConf ItalyAdvanced Aruba Mobility Access Switch Workshop #AirheadsConf Italy
Advanced Aruba Mobility Access Switch Workshop #AirheadsConf Italy
Aruba, a Hewlett Packard Enterprise company
 
Deploying Microsoft Lync over Wi-Fi #AirheadsConf Italy
Deploying Microsoft Lync over Wi-Fi #AirheadsConf ItalyDeploying Microsoft Lync over Wi-Fi #AirheadsConf Italy
Deploying Microsoft Lync over Wi-Fi #AirheadsConf Italy
Aruba, a Hewlett Packard Enterprise company
 
E Rate Modernization Overview
E Rate Modernization Overview E Rate Modernization Overview
E Rate Modernization Overview
Aruba, a Hewlett Packard Enterprise company
 
Meridian APPs and ALE at WFD6
Meridian APPs and ALE at WFD6Meridian APPs and ALE at WFD6
Meridian APPs and ALE at WFD6
Aruba, a Hewlett Packard Enterprise company
 
Breakout - Airheads Macau 2013 - WLAN Management & Troubleshooting with AirWave
Breakout - Airheads Macau 2013 - WLAN Management & Troubleshooting with AirWaveBreakout - Airheads Macau 2013 - WLAN Management & Troubleshooting with AirWave
Breakout - Airheads Macau 2013 - WLAN Management & Troubleshooting with AirWave
Aruba, a Hewlett Packard Enterprise company
 
Make Your Own Meridian Mobile App Workshop #AirheadsConf Italy
Make Your Own Meridian Mobile App Workshop #AirheadsConf ItalyMake Your Own Meridian Mobile App Workshop #AirheadsConf Italy
Make Your Own Meridian Mobile App Workshop #AirheadsConf Italy
Aruba, a Hewlett Packard Enterprise company
 
Enabling the Virtual Enterprise
Enabling the Virtual EnterpriseEnabling the Virtual Enterprise
Enabling the Virtual Enterprise
Aruba, a Hewlett Packard Enterprise company
 
Shanghai Breakout: Mobile Devices and Wi-Fi
Shanghai Breakout: Mobile Devices and Wi-FiShanghai Breakout: Mobile Devices and Wi-Fi
Shanghai Breakout: Mobile Devices and Wi-Fi
Aruba, a Hewlett Packard Enterprise company
 
E-Rate 2.0 Overview
E-Rate 2.0 Overview E-Rate 2.0 Overview
E-Rate 2.0 Overview
Aruba, a Hewlett Packard Enterprise company
 

Viewers also liked (20)

Aruba Networks at WFD6
Aruba Networks at WFD6 Aruba Networks at WFD6
Aruba Networks at WFD6
 
Remote & Branch Networking Fundamentals #AirheadsConf Italy
Remote & Branch Networking Fundamentals #AirheadsConf ItalyRemote & Branch Networking Fundamentals #AirheadsConf Italy
Remote & Branch Networking Fundamentals #AirheadsConf Italy
 
IDC Aruba Webinar - 3 Feb 15
IDC Aruba Webinar - 3 Feb 15IDC Aruba Webinar - 3 Feb 15
IDC Aruba Webinar - 3 Feb 15
 
Customer Keynote - Microsoft Lync
Customer Keynote - Microsoft LyncCustomer Keynote - Microsoft Lync
Customer Keynote - Microsoft Lync
 
Aruba Technical Webinar: Unplugging the Last Cord
Aruba Technical Webinar: Unplugging the Last CordAruba Technical Webinar: Unplugging the Last Cord
Aruba Technical Webinar: Unplugging the Last Cord
 
Make Your Own Meridian Mobile App Workshop #AirheadsConf Italy
Make Your Own Meridian Mobile App Workshop #AirheadsConf ItalyMake Your Own Meridian Mobile App Workshop #AirheadsConf Italy
Make Your Own Meridian Mobile App Workshop #AirheadsConf Italy
 
WLAN Design for Location, Voice & Video
WLAN Design for Location, Voice & VideoWLAN Design for Location, Voice & Video
WLAN Design for Location, Voice & Video
 
Shanghai Breakout: 802.11ac Wi-Fi Fundamentals
Shanghai Breakout: 802.11ac Wi-Fi FundamentalsShanghai Breakout: 802.11ac Wi-Fi Fundamentals
Shanghai Breakout: 802.11ac Wi-Fi Fundamentals
 
Aruba Instant Workshop #AirheadsConf Italy
Aruba Instant Workshop #AirheadsConf ItalyAruba Instant Workshop #AirheadsConf Italy
Aruba Instant Workshop #AirheadsConf Italy
 
Adaptive Trust Security
Adaptive Trust SecurityAdaptive Trust Security
Adaptive Trust Security
 
Breakout - Airheads Macau 2013 - Cloud WiFi
Breakout - Airheads Macau 2013 - Cloud WiFiBreakout - Airheads Macau 2013 - Cloud WiFi
Breakout - Airheads Macau 2013 - Cloud WiFi
 
Advanced Aruba Mobility Access Switch Workshop #AirheadsConf Italy
Advanced Aruba Mobility Access Switch Workshop #AirheadsConf ItalyAdvanced Aruba Mobility Access Switch Workshop #AirheadsConf Italy
Advanced Aruba Mobility Access Switch Workshop #AirheadsConf Italy
 
Deploying Microsoft Lync over Wi-Fi #AirheadsConf Italy
Deploying Microsoft Lync over Wi-Fi #AirheadsConf ItalyDeploying Microsoft Lync over Wi-Fi #AirheadsConf Italy
Deploying Microsoft Lync over Wi-Fi #AirheadsConf Italy
 
E Rate Modernization Overview
E Rate Modernization Overview E Rate Modernization Overview
E Rate Modernization Overview
 
Meridian APPs and ALE at WFD6
Meridian APPs and ALE at WFD6Meridian APPs and ALE at WFD6
Meridian APPs and ALE at WFD6
 
Breakout - Airheads Macau 2013 - WLAN Management & Troubleshooting with AirWave
Breakout - Airheads Macau 2013 - WLAN Management & Troubleshooting with AirWaveBreakout - Airheads Macau 2013 - WLAN Management & Troubleshooting with AirWave
Breakout - Airheads Macau 2013 - WLAN Management & Troubleshooting with AirWave
 
Make Your Own Meridian Mobile App Workshop #AirheadsConf Italy
Make Your Own Meridian Mobile App Workshop #AirheadsConf ItalyMake Your Own Meridian Mobile App Workshop #AirheadsConf Italy
Make Your Own Meridian Mobile App Workshop #AirheadsConf Italy
 
Enabling the Virtual Enterprise
Enabling the Virtual EnterpriseEnabling the Virtual Enterprise
Enabling the Virtual Enterprise
 
Shanghai Breakout: Mobile Devices and Wi-Fi
Shanghai Breakout: Mobile Devices and Wi-FiShanghai Breakout: Mobile Devices and Wi-Fi
Shanghai Breakout: Mobile Devices and Wi-Fi
 
E-Rate 2.0 Overview
E-Rate 2.0 Overview E-Rate 2.0 Overview
E-Rate 2.0 Overview
 

Similar to Shanghai Breakout: Access Management with Aruba ClearPass

Byod and guest access workshop enabling byod carlos gomez gallego_network ser...
Byod and guest access workshop enabling byod carlos gomez gallego_network ser...Byod and guest access workshop enabling byod carlos gomez gallego_network ser...
Byod and guest access workshop enabling byod carlos gomez gallego_network ser...
Aruba, a Hewlett Packard Enterprise company
 
Breakout - Airheads Macau 2013 - BYOD, MDM, and MAM
Breakout - Airheads Macau 2013 - BYOD, MDM, and MAM Breakout - Airheads Macau 2013 - BYOD, MDM, and MAM
Breakout - Airheads Macau 2013 - BYOD, MDM, and MAM
Aruba, a Hewlett Packard Enterprise company
 
BYOD with ClearPass
BYOD with ClearPassBYOD with ClearPass
BYOD with ClearPass
Aruba, a Hewlett Packard Enterprise company
 
Access Management with Aruba ClearPass
Access Management with Aruba ClearPassAccess Management with Aruba ClearPass
Access Management with Aruba ClearPass
Aruba, a Hewlett Packard Enterprise company
 
2012 ah emea advanced mobility design
2012 ah emea advanced mobility design2012 ah emea advanced mobility design
2012 ah emea advanced mobility design
Aruba, a Hewlett Packard Enterprise company
 
Remote Wireless LANs
Remote Wireless LANsRemote Wireless LANs
Remote Wireless LANs
Aruba, a Hewlett Packard Enterprise company
 
Adaptive Trust for Strong Network Security
Adaptive Trust for Strong Network SecurityAdaptive Trust for Strong Network Security
Adaptive Trust for Strong Network Security
Aruba, a Hewlett Packard Enterprise company
 
Clear passbasics derinmellor
Clear passbasics derinmellorClear passbasics derinmellor
Clear passbasics derinmellor
Aruba, a Hewlett Packard Enterprise company
 
Cisco Meraki Overview | Voyager Networks
Cisco Meraki Overview | Voyager NetworksCisco Meraki Overview | Voyager Networks
Cisco Meraki Overview | Voyager Networks
NTS UK - Part of Capita
 
cisco-20meraki-20overview-20-285-29-140501114803-phpapp01
cisco-20meraki-20overview-20-285-29-140501114803-phpapp01cisco-20meraki-20overview-20-285-29-140501114803-phpapp01
cisco-20meraki-20overview-20-285-29-140501114803-phpapp01
Sergiy Pitel
 
2012 ah emea deploying byod
2012 ah emea deploying byod2012 ah emea deploying byod
2012 ah emea deploying byod
Aruba, a Hewlett Packard Enterprise company
 
Enabling AirPrint & AirPlay on Your Network
Enabling AirPrint & AirPlay on Your NetworkEnabling AirPrint & AirPlay on Your Network
Enabling AirPrint & AirPlay on Your Network
Aruba, a Hewlett Packard Enterprise company
 
The New Economics of Wi-Fi _ Disruptive Forces Driving Innovation for Carrier...
The New Economics of Wi-Fi _ Disruptive Forces Driving Innovation for Carrier...The New Economics of Wi-Fi _ Disruptive Forces Driving Innovation for Carrier...
The New Economics of Wi-Fi _ Disruptive Forces Driving Innovation for Carrier...
AirTight Networks
 
Identiverse 2018 nathanael coffing
Identiverse 2018 nathanael coffingIdentiverse 2018 nathanael coffing
Identiverse 2018 nathanael coffing
JoshuaCiccone2
 
Choosing the right mobile architecture
Choosing the right mobile architectureChoosing the right mobile architecture
Choosing the right mobile architecture
Lonneke Dikmans
 
3 air wave practical workshop_mike bruno_matt sidhu
3 air wave practical workshop_mike bruno_matt sidhu3 air wave practical workshop_mike bruno_matt sidhu
3 air wave practical workshop_mike bruno_matt sidhu
Aruba, a Hewlett Packard Enterprise company
 
Hadoop security @ Philly Hadoop Meetup May 2015
Hadoop security @ Philly Hadoop Meetup May 2015Hadoop security @ Philly Hadoop Meetup May 2015
Hadoop security @ Philly Hadoop Meetup May 2015
Shravan (Sean) Pabba
 
Next generation remote networks aruba instant gokul rajagopalan
Next generation remote networks aruba instant gokul rajagopalanNext generation remote networks aruba instant gokul rajagopalan
Next generation remote networks aruba instant gokul rajagopalan
Aruba, a Hewlett Packard Enterprise company
 
Instant overview gokul_rajagopalan
Instant overview gokul_rajagopalanInstant overview gokul_rajagopalan
Instant overview gokul_rajagopalan
Aruba, a Hewlett Packard Enterprise company
 
Webinar: Enable ServiceNow with Data Security, Visibility, and Compliance
Webinar: Enable ServiceNow with Data Security, Visibility, and ComplianceWebinar: Enable ServiceNow with Data Security, Visibility, and Compliance
Webinar: Enable ServiceNow with Data Security, Visibility, and Compliance
CipherCloud
 

Similar to Shanghai Breakout: Access Management with Aruba ClearPass (20)

Byod and guest access workshop enabling byod carlos gomez gallego_network ser...
Byod and guest access workshop enabling byod carlos gomez gallego_network ser...Byod and guest access workshop enabling byod carlos gomez gallego_network ser...
Byod and guest access workshop enabling byod carlos gomez gallego_network ser...
 
Breakout - Airheads Macau 2013 - BYOD, MDM, and MAM
Breakout - Airheads Macau 2013 - BYOD, MDM, and MAM Breakout - Airheads Macau 2013 - BYOD, MDM, and MAM
Breakout - Airheads Macau 2013 - BYOD, MDM, and MAM
 
BYOD with ClearPass
BYOD with ClearPassBYOD with ClearPass
BYOD with ClearPass
 
Access Management with Aruba ClearPass
Access Management with Aruba ClearPassAccess Management with Aruba ClearPass
Access Management with Aruba ClearPass
 
2012 ah emea advanced mobility design
2012 ah emea advanced mobility design2012 ah emea advanced mobility design
2012 ah emea advanced mobility design
 
Remote Wireless LANs
Remote Wireless LANsRemote Wireless LANs
Remote Wireless LANs
 
Adaptive Trust for Strong Network Security
Adaptive Trust for Strong Network SecurityAdaptive Trust for Strong Network Security
Adaptive Trust for Strong Network Security
 
Clear passbasics derinmellor
Clear passbasics derinmellorClear passbasics derinmellor
Clear passbasics derinmellor
 
Cisco Meraki Overview | Voyager Networks
Cisco Meraki Overview | Voyager NetworksCisco Meraki Overview | Voyager Networks
Cisco Meraki Overview | Voyager Networks
 
cisco-20meraki-20overview-20-285-29-140501114803-phpapp01
cisco-20meraki-20overview-20-285-29-140501114803-phpapp01cisco-20meraki-20overview-20-285-29-140501114803-phpapp01
cisco-20meraki-20overview-20-285-29-140501114803-phpapp01
 
2012 ah emea deploying byod
2012 ah emea deploying byod2012 ah emea deploying byod
2012 ah emea deploying byod
 
Enabling AirPrint & AirPlay on Your Network
Enabling AirPrint & AirPlay on Your NetworkEnabling AirPrint & AirPlay on Your Network
Enabling AirPrint & AirPlay on Your Network
 
The New Economics of Wi-Fi _ Disruptive Forces Driving Innovation for Carrier...
The New Economics of Wi-Fi _ Disruptive Forces Driving Innovation for Carrier...The New Economics of Wi-Fi _ Disruptive Forces Driving Innovation for Carrier...
The New Economics of Wi-Fi _ Disruptive Forces Driving Innovation for Carrier...
 
Identiverse 2018 nathanael coffing
Identiverse 2018 nathanael coffingIdentiverse 2018 nathanael coffing
Identiverse 2018 nathanael coffing
 
Choosing the right mobile architecture
Choosing the right mobile architectureChoosing the right mobile architecture
Choosing the right mobile architecture
 
3 air wave practical workshop_mike bruno_matt sidhu
3 air wave practical workshop_mike bruno_matt sidhu3 air wave practical workshop_mike bruno_matt sidhu
3 air wave practical workshop_mike bruno_matt sidhu
 
Hadoop security @ Philly Hadoop Meetup May 2015
Hadoop security @ Philly Hadoop Meetup May 2015Hadoop security @ Philly Hadoop Meetup May 2015
Hadoop security @ Philly Hadoop Meetup May 2015
 
Next generation remote networks aruba instant gokul rajagopalan
Next generation remote networks aruba instant gokul rajagopalanNext generation remote networks aruba instant gokul rajagopalan
Next generation remote networks aruba instant gokul rajagopalan
 
Instant overview gokul_rajagopalan
Instant overview gokul_rajagopalanInstant overview gokul_rajagopalan
Instant overview gokul_rajagopalan
 
Webinar: Enable ServiceNow with Data Security, Visibility, and Compliance
Webinar: Enable ServiceNow with Data Security, Visibility, and ComplianceWebinar: Enable ServiceNow with Data Security, Visibility, and Compliance
Webinar: Enable ServiceNow with Data Security, Visibility, and Compliance
 

More from Aruba, a Hewlett Packard Enterprise company

Airheads Tech Talks: Cloud Guest SSID on Aruba Central
Airheads Tech Talks: Cloud Guest SSID on Aruba CentralAirheads Tech Talks: Cloud Guest SSID on Aruba Central
Airheads Tech Talks: Cloud Guest SSID on Aruba Central
Aruba, a Hewlett Packard Enterprise company
 
Airheads Tech Talks: Understanding ClearPass OnGuard Agents
Airheads Tech Talks: Understanding ClearPass OnGuard AgentsAirheads Tech Talks: Understanding ClearPass OnGuard Agents
Airheads Tech Talks: Understanding ClearPass OnGuard Agents
Aruba, a Hewlett Packard Enterprise company
 
Airheads Tech Talks: Advanced Clustering in AOS 8.x
Airheads Tech Talks: Advanced Clustering in AOS 8.xAirheads Tech Talks: Advanced Clustering in AOS 8.x
Airheads Tech Talks: Advanced Clustering in AOS 8.x
Aruba, a Hewlett Packard Enterprise company
 
EMEA Airheads_ Advance Aruba Central
EMEA Airheads_ Advance Aruba CentralEMEA Airheads_ Advance Aruba Central
EMEA Airheads_ Advance Aruba Central
Aruba, a Hewlett Packard Enterprise company
 
EMEA Airheads_ Aruba AppRF – AOS 6.x & 8.x
EMEA Airheads_ Aruba AppRF – AOS 6.x & 8.xEMEA Airheads_ Aruba AppRF – AOS 6.x & 8.x
EMEA Airheads_ Aruba AppRF – AOS 6.x & 8.x
Aruba, a Hewlett Packard Enterprise company
 
EMEA Airheads- Switch stacking_ ArubaOS Switch
EMEA Airheads- Switch stacking_ ArubaOS SwitchEMEA Airheads- Switch stacking_ ArubaOS Switch
EMEA Airheads- Switch stacking_ ArubaOS Switch
Aruba, a Hewlett Packard Enterprise company
 
EMEA Airheads- LACP and distributed LACP – ArubaOS Switch
EMEA Airheads- LACP and distributed LACP – ArubaOS SwitchEMEA Airheads- LACP and distributed LACP – ArubaOS Switch
EMEA Airheads- LACP and distributed LACP – ArubaOS Switch
Aruba, a Hewlett Packard Enterprise company
 
Introduction to AirWave 10
Introduction to AirWave 10Introduction to AirWave 10
Introduction to AirWave 10
Aruba, a Hewlett Packard Enterprise company
 
EMEA Airheads- Virtual Switching Framework- Aruba OS Switch
EMEA Airheads- Virtual Switching Framework- Aruba OS SwitchEMEA Airheads- Virtual Switching Framework- Aruba OS Switch
EMEA Airheads- Virtual Switching Framework- Aruba OS Switch
Aruba, a Hewlett Packard Enterprise company
 
EMEA Airheads- Aruba Central with Instant AP
EMEA Airheads- Aruba Central with Instant APEMEA Airheads- Aruba Central with Instant AP
EMEA Airheads- Aruba Central with Instant AP
Aruba, a Hewlett Packard Enterprise company
 
EMEA Airheads- AirGroup profiling changes across 8.1 & 8.2 – ArubaOS 8.x
EMEA Airheads- AirGroup profiling changes across 8.1 & 8.2 – ArubaOS 8.xEMEA Airheads- AirGroup profiling changes across 8.1 & 8.2 – ArubaOS 8.x
EMEA Airheads- AirGroup profiling changes across 8.1 & 8.2 – ArubaOS 8.x
Aruba, a Hewlett Packard Enterprise company
 
EMEA Airheads- Getting Started with the ClearPass REST API – CPPM
EMEA Airheads- Getting Started with the ClearPass REST API – CPPMEMEA Airheads- Getting Started with the ClearPass REST API – CPPM
EMEA Airheads- Getting Started with the ClearPass REST API – CPPM
Aruba, a Hewlett Packard Enterprise company
 
EMEA Airheads - AP Discovery Logic and AP Deployment
EMEA Airheads - AP Discovery Logic and AP DeploymentEMEA Airheads - AP Discovery Logic and AP Deployment
EMEA Airheads - AP Discovery Logic and AP Deployment
Aruba, a Hewlett Packard Enterprise company
 
EMEA Airheads- Layer-3 Redundancy for Mobility Master - ArubaOS 8.x
EMEA Airheads- Layer-3 Redundancy for Mobility Master - ArubaOS 8.xEMEA Airheads- Layer-3 Redundancy for Mobility Master - ArubaOS 8.x
EMEA Airheads- Layer-3 Redundancy for Mobility Master - ArubaOS 8.x
Aruba, a Hewlett Packard Enterprise company
 
EMEA Airheads- Manage Devices at Branch Office (BOC)
EMEA Airheads- Manage Devices at Branch Office (BOC)EMEA Airheads- Manage Devices at Branch Office (BOC)
EMEA Airheads- Manage Devices at Branch Office (BOC)
Aruba, a Hewlett Packard Enterprise company
 
EMEA Airheads - What does AirMatch do differently?v2
EMEA Airheads - What does AirMatch do differently?v2 EMEA Airheads - What does AirMatch do differently?v2
EMEA Airheads - What does AirMatch do differently?v2
Aruba, a Hewlett Packard Enterprise company
 
Airheads Meetups: 8400 Presentation
Airheads Meetups: 8400 PresentationAirheads Meetups: 8400 Presentation
Airheads Meetups: 8400 Presentation
Aruba, a Hewlett Packard Enterprise company
 
Airheads Meetups: Ekahau Presentation
Airheads Meetups: Ekahau PresentationAirheads Meetups: Ekahau Presentation
Airheads Meetups: Ekahau Presentation
Aruba, a Hewlett Packard Enterprise company
 
Airheads Meetups- High density WLAN
Airheads Meetups- High density WLANAirheads Meetups- High density WLAN
Airheads Meetups- High density WLAN
Aruba, a Hewlett Packard Enterprise company
 
Airheads Meetups- Avans Hogeschool goes Aruba
Airheads Meetups- Avans Hogeschool goes ArubaAirheads Meetups- Avans Hogeschool goes Aruba
Airheads Meetups- Avans Hogeschool goes Aruba
Aruba, a Hewlett Packard Enterprise company
 

More from Aruba, a Hewlett Packard Enterprise company (20)

Airheads Tech Talks: Cloud Guest SSID on Aruba Central
Airheads Tech Talks: Cloud Guest SSID on Aruba CentralAirheads Tech Talks: Cloud Guest SSID on Aruba Central
Airheads Tech Talks: Cloud Guest SSID on Aruba Central
 
Airheads Tech Talks: Understanding ClearPass OnGuard Agents
Airheads Tech Talks: Understanding ClearPass OnGuard AgentsAirheads Tech Talks: Understanding ClearPass OnGuard Agents
Airheads Tech Talks: Understanding ClearPass OnGuard Agents
 
Airheads Tech Talks: Advanced Clustering in AOS 8.x
Airheads Tech Talks: Advanced Clustering in AOS 8.xAirheads Tech Talks: Advanced Clustering in AOS 8.x
Airheads Tech Talks: Advanced Clustering in AOS 8.x
 
EMEA Airheads_ Advance Aruba Central
EMEA Airheads_ Advance Aruba CentralEMEA Airheads_ Advance Aruba Central
EMEA Airheads_ Advance Aruba Central
 
EMEA Airheads_ Aruba AppRF – AOS 6.x & 8.x
EMEA Airheads_ Aruba AppRF – AOS 6.x & 8.xEMEA Airheads_ Aruba AppRF – AOS 6.x & 8.x
EMEA Airheads_ Aruba AppRF – AOS 6.x & 8.x
 
EMEA Airheads- Switch stacking_ ArubaOS Switch
EMEA Airheads- Switch stacking_ ArubaOS SwitchEMEA Airheads- Switch stacking_ ArubaOS Switch
EMEA Airheads- Switch stacking_ ArubaOS Switch
 
EMEA Airheads- LACP and distributed LACP – ArubaOS Switch
EMEA Airheads- LACP and distributed LACP – ArubaOS SwitchEMEA Airheads- LACP and distributed LACP – ArubaOS Switch
EMEA Airheads- LACP and distributed LACP – ArubaOS Switch
 
Introduction to AirWave 10
Introduction to AirWave 10Introduction to AirWave 10
Introduction to AirWave 10
 
EMEA Airheads- Virtual Switching Framework- Aruba OS Switch
EMEA Airheads- Virtual Switching Framework- Aruba OS SwitchEMEA Airheads- Virtual Switching Framework- Aruba OS Switch
EMEA Airheads- Virtual Switching Framework- Aruba OS Switch
 
EMEA Airheads- Aruba Central with Instant AP
EMEA Airheads- Aruba Central with Instant APEMEA Airheads- Aruba Central with Instant AP
EMEA Airheads- Aruba Central with Instant AP
 
EMEA Airheads- AirGroup profiling changes across 8.1 & 8.2 – ArubaOS 8.x
EMEA Airheads- AirGroup profiling changes across 8.1 & 8.2 – ArubaOS 8.xEMEA Airheads- AirGroup profiling changes across 8.1 & 8.2 – ArubaOS 8.x
EMEA Airheads- AirGroup profiling changes across 8.1 & 8.2 – ArubaOS 8.x
 
EMEA Airheads- Getting Started with the ClearPass REST API – CPPM
EMEA Airheads- Getting Started with the ClearPass REST API – CPPMEMEA Airheads- Getting Started with the ClearPass REST API – CPPM
EMEA Airheads- Getting Started with the ClearPass REST API – CPPM
 
EMEA Airheads - AP Discovery Logic and AP Deployment
EMEA Airheads - AP Discovery Logic and AP DeploymentEMEA Airheads - AP Discovery Logic and AP Deployment
EMEA Airheads - AP Discovery Logic and AP Deployment
 
EMEA Airheads- Layer-3 Redundancy for Mobility Master - ArubaOS 8.x
EMEA Airheads- Layer-3 Redundancy for Mobility Master - ArubaOS 8.xEMEA Airheads- Layer-3 Redundancy for Mobility Master - ArubaOS 8.x
EMEA Airheads- Layer-3 Redundancy for Mobility Master - ArubaOS 8.x
 
EMEA Airheads- Manage Devices at Branch Office (BOC)
EMEA Airheads- Manage Devices at Branch Office (BOC)EMEA Airheads- Manage Devices at Branch Office (BOC)
EMEA Airheads- Manage Devices at Branch Office (BOC)
 
EMEA Airheads - What does AirMatch do differently?v2
EMEA Airheads - What does AirMatch do differently?v2 EMEA Airheads - What does AirMatch do differently?v2
EMEA Airheads - What does AirMatch do differently?v2
 
Airheads Meetups: 8400 Presentation
Airheads Meetups: 8400 PresentationAirheads Meetups: 8400 Presentation
Airheads Meetups: 8400 Presentation
 
Airheads Meetups: Ekahau Presentation
Airheads Meetups: Ekahau PresentationAirheads Meetups: Ekahau Presentation
Airheads Meetups: Ekahau Presentation
 
Airheads Meetups- High density WLAN
Airheads Meetups- High density WLANAirheads Meetups- High density WLAN
Airheads Meetups- High density WLAN
 
Airheads Meetups- Avans Hogeschool goes Aruba
Airheads Meetups- Avans Hogeschool goes ArubaAirheads Meetups- Avans Hogeschool goes Aruba
Airheads Meetups- Avans Hogeschool goes Aruba
 

Recently uploaded

Your One-Stop Shop for Python Success: Top 10 US Python Development Providers
Your One-Stop Shop for Python Success: Top 10 US Python Development ProvidersYour One-Stop Shop for Python Success: Top 10 US Python Development Providers
Your One-Stop Shop for Python Success: Top 10 US Python Development Providers
akankshawande
 
Let's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with Slack
Let's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with SlackLet's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with Slack
Let's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with Slack
shyamraj55
 
Programming Foundation Models with DSPy - Meetup Slides
Programming Foundation Models with DSPy - Meetup SlidesProgramming Foundation Models with DSPy - Meetup Slides
Programming Foundation Models with DSPy - Meetup Slides
Zilliz
 
CAKE: Sharing Slices of Confidential Data on Blockchain
CAKE: Sharing Slices of Confidential Data on BlockchainCAKE: Sharing Slices of Confidential Data on Blockchain
CAKE: Sharing Slices of Confidential Data on Blockchain
Claudio Di Ciccio
 
Mariano G Tinti - Decoding SpaceX
Mariano G Tinti - Decoding SpaceXMariano G Tinti - Decoding SpaceX
Mariano G Tinti - Decoding SpaceX
Mariano Tinti
 
Cosa hanno in comune un mattoncino Lego e la backdoor XZ?
Cosa hanno in comune un mattoncino Lego e la backdoor XZ?Cosa hanno in comune un mattoncino Lego e la backdoor XZ?
Cosa hanno in comune un mattoncino Lego e la backdoor XZ?
Speck&Tech
 
Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdf
Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdfUnlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdf
Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdf
Malak Abu Hammad
 
“Building and Scaling AI Applications with the Nx AI Manager,” a Presentation...
“Building and Scaling AI Applications with the Nx AI Manager,” a Presentation...“Building and Scaling AI Applications with the Nx AI Manager,” a Presentation...
“Building and Scaling AI Applications with the Nx AI Manager,” a Presentation...
Edge AI and Vision Alliance
 
Monitoring and Managing Anomaly Detection on OpenShift.pdf
Monitoring and Managing Anomaly Detection on OpenShift.pdfMonitoring and Managing Anomaly Detection on OpenShift.pdf
Monitoring and Managing Anomaly Detection on OpenShift.pdf
Tosin Akinosho
 
UI5 Controls simplified - UI5con2024 presentation
UI5 Controls simplified - UI5con2024 presentationUI5 Controls simplified - UI5con2024 presentation
UI5 Controls simplified - UI5con2024 presentation
Wouter Lemaire
 
20240609 QFM020 Irresponsible AI Reading List May 2024
20240609 QFM020 Irresponsible AI Reading List May 202420240609 QFM020 Irresponsible AI Reading List May 2024
20240609 QFM020 Irresponsible AI Reading List May 2024
Matthew Sinclair
 
Choosing The Best AWS Service For Your Website + API.pptx
Choosing The Best AWS Service For Your Website + API.pptxChoosing The Best AWS Service For Your Website + API.pptx
Choosing The Best AWS Service For Your Website + API.pptx
Brandon Minnick, MBA
 
Essentials of Automations: The Art of Triggers and Actions in FME
Essentials of Automations: The Art of Triggers and Actions in FMEEssentials of Automations: The Art of Triggers and Actions in FME
Essentials of Automations: The Art of Triggers and Actions in FME
Safe Software
 
Infrastructure Challenges in Scaling RAG with Custom AI models
Infrastructure Challenges in Scaling RAG with Custom AI modelsInfrastructure Challenges in Scaling RAG with Custom AI models
Infrastructure Challenges in Scaling RAG with Custom AI models
Zilliz
 
OpenID AuthZEN Interop Read Out - Authorization
OpenID AuthZEN Interop Read Out - AuthorizationOpenID AuthZEN Interop Read Out - Authorization
OpenID AuthZEN Interop Read Out - Authorization
David Brossard
 
Mind map of terminologies used in context of Generative AI
Mind map of terminologies used in context of Generative AIMind map of terminologies used in context of Generative AI
Mind map of terminologies used in context of Generative AI
Kumud Singh
 
National Security Agency - NSA mobile device best practices
National Security Agency - NSA mobile device best practicesNational Security Agency - NSA mobile device best practices
National Security Agency - NSA mobile device best practices
Quotidiano Piemontese
 
Things to Consider When Choosing a Website Developer for your Website | FODUU
Things to Consider When Choosing a Website Developer for your Website | FODUUThings to Consider When Choosing a Website Developer for your Website | FODUU
Things to Consider When Choosing a Website Developer for your Website | FODUU
FODUU
 
How to use Firebase Data Connect For Flutter
How to use Firebase Data Connect For FlutterHow to use Firebase Data Connect For Flutter
How to use Firebase Data Connect For Flutter
Daiki Mogmet Ito
 
Uni Systems Copilot event_05062024_C.Vlachos.pdf
Uni Systems Copilot event_05062024_C.Vlachos.pdfUni Systems Copilot event_05062024_C.Vlachos.pdf
Uni Systems Copilot event_05062024_C.Vlachos.pdf
Uni Systems S.M.S.A.
 

Recently uploaded (20)

Your One-Stop Shop for Python Success: Top 10 US Python Development Providers
Your One-Stop Shop for Python Success: Top 10 US Python Development ProvidersYour One-Stop Shop for Python Success: Top 10 US Python Development Providers
Your One-Stop Shop for Python Success: Top 10 US Python Development Providers
 
Let's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with Slack
Let's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with SlackLet's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with Slack
Let's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with Slack
 
Programming Foundation Models with DSPy - Meetup Slides
Programming Foundation Models with DSPy - Meetup SlidesProgramming Foundation Models with DSPy - Meetup Slides
Programming Foundation Models with DSPy - Meetup Slides
 
CAKE: Sharing Slices of Confidential Data on Blockchain
CAKE: Sharing Slices of Confidential Data on BlockchainCAKE: Sharing Slices of Confidential Data on Blockchain
CAKE: Sharing Slices of Confidential Data on Blockchain
 
Mariano G Tinti - Decoding SpaceX
Mariano G Tinti - Decoding SpaceXMariano G Tinti - Decoding SpaceX
Mariano G Tinti - Decoding SpaceX
 
Cosa hanno in comune un mattoncino Lego e la backdoor XZ?
Cosa hanno in comune un mattoncino Lego e la backdoor XZ?Cosa hanno in comune un mattoncino Lego e la backdoor XZ?
Cosa hanno in comune un mattoncino Lego e la backdoor XZ?
 
Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdf
Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdfUnlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdf
Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdf
 
“Building and Scaling AI Applications with the Nx AI Manager,” a Presentation...
“Building and Scaling AI Applications with the Nx AI Manager,” a Presentation...“Building and Scaling AI Applications with the Nx AI Manager,” a Presentation...
“Building and Scaling AI Applications with the Nx AI Manager,” a Presentation...
 
Monitoring and Managing Anomaly Detection on OpenShift.pdf
Monitoring and Managing Anomaly Detection on OpenShift.pdfMonitoring and Managing Anomaly Detection on OpenShift.pdf
Monitoring and Managing Anomaly Detection on OpenShift.pdf
 
UI5 Controls simplified - UI5con2024 presentation
UI5 Controls simplified - UI5con2024 presentationUI5 Controls simplified - UI5con2024 presentation
UI5 Controls simplified - UI5con2024 presentation
 
20240609 QFM020 Irresponsible AI Reading List May 2024
20240609 QFM020 Irresponsible AI Reading List May 202420240609 QFM020 Irresponsible AI Reading List May 2024
20240609 QFM020 Irresponsible AI Reading List May 2024
 
Choosing The Best AWS Service For Your Website + API.pptx
Choosing The Best AWS Service For Your Website + API.pptxChoosing The Best AWS Service For Your Website + API.pptx
Choosing The Best AWS Service For Your Website + API.pptx
 
Essentials of Automations: The Art of Triggers and Actions in FME
Essentials of Automations: The Art of Triggers and Actions in FMEEssentials of Automations: The Art of Triggers and Actions in FME
Essentials of Automations: The Art of Triggers and Actions in FME
 
Infrastructure Challenges in Scaling RAG with Custom AI models
Infrastructure Challenges in Scaling RAG with Custom AI modelsInfrastructure Challenges in Scaling RAG with Custom AI models
Infrastructure Challenges in Scaling RAG with Custom AI models
 
OpenID AuthZEN Interop Read Out - Authorization
OpenID AuthZEN Interop Read Out - AuthorizationOpenID AuthZEN Interop Read Out - Authorization
OpenID AuthZEN Interop Read Out - Authorization
 
Mind map of terminologies used in context of Generative AI
Mind map of terminologies used in context of Generative AIMind map of terminologies used in context of Generative AI
Mind map of terminologies used in context of Generative AI
 
National Security Agency - NSA mobile device best practices
National Security Agency - NSA mobile device best practicesNational Security Agency - NSA mobile device best practices
National Security Agency - NSA mobile device best practices
 
Things to Consider When Choosing a Website Developer for your Website | FODUU
Things to Consider When Choosing a Website Developer for your Website | FODUUThings to Consider When Choosing a Website Developer for your Website | FODUU
Things to Consider When Choosing a Website Developer for your Website | FODUU
 
How to use Firebase Data Connect For Flutter
How to use Firebase Data Connect For FlutterHow to use Firebase Data Connect For Flutter
How to use Firebase Data Connect For Flutter
 
Uni Systems Copilot event_05062024_C.Vlachos.pdf
Uni Systems Copilot event_05062024_C.Vlachos.pdfUni Systems Copilot event_05062024_C.Vlachos.pdf
Uni Systems Copilot event_05062024_C.Vlachos.pdf
 

Shanghai Breakout: Access Management with Aruba ClearPass

  • 1. Access Management with Aruba ClearPass Austin Hawthorne December 12th, 2014
  • 2. CONFIDENTIAL © Copyright 2014. Aruba Networks, Inc. All rights reserved 2 #AirheadsConf Agenda Defining Adaptive Policies Context Collection Leveraging Context in NAC Policies Enhancing User Experience, Operations, and Security with Context
  • 3. 3 CONFIDENTIAL © Copyright 2014. Aruba Networks, Inc. All rights reserved #AirheadsConf Why Adaptive Policies? THEN Predictable Desk Access NOW Access from Anywhere
  • 4. 4 CONFIDENTIAL © Copyright 2014. Aruba Networks, Inc. All rights reserved #AirheadsConf Deciphering Context for Policy Decisions Jailbroken phone? BYOD? Guest? Office? Device type? Firewall enabled? Employee? Skim milk? Policies must adapt to conditions
  • 5. 5 CONFIDENTIAL © Copyright 2014. Aruba Networks, Inc. All rights reserved #AirheadsConf Common Security Questions • Is this a corporate device or a personal device connecting to my wireless network with my employee’s account information? • Is this a Printer or Computer connecting to my wired network without 802.1x? • How do I keep corporate devices off the Guest SSID? • I trust my corporate assets, but I need to be able to check the compliance of Contractor computers when they connect, and restrict them from using mobile devices, how?
  • 6. 6 CONFIDENTIAL © Copyright 2014. Aruba Networks, Inc. All rights reserved #AirheadsConf Adaptive Trust: Context Collection
  • 7. 7 Device & type CONFIDENTIAL © Copyright 2014. Aruba Networks, Inc. All rights reserved Access type App traffic & behavior #AirheadsConf The Heart of an Adaptive Trust Decision User & role Ownership - IT or BYOD Usable Context Device assessment Location - Secure or open access Auth type - credentials or certificate Session rules Time-of-day / Day-of-Week
  • 8. 8 CONFIDENTIAL © Copyright 2014. Aruba Networks, Inc. All rights reserved #AirheadsConf Sources of Usable Context Device Profiling • Samsung SM-G900 • Android • “Jons-Galaxy” EMM/MDM • Personal owned • Registered • OS up-to-date • Hansen, Jon [Sales] • MDM enabled = true • In-compliance = true Identity Stores Enforcement Points • Hansen, Jon [Sales] • Title – COO • Dept – Executive office • City – London • Location – Bldg 10 • Floor – 3 • Bandwidth – 10Mbps
  • 9. Adaptive Trust 9 CONFIDENTIAL © Copyright 2014. Aruba Networks, Inc. All rights reserved #AirheadsConf Sources of Usable Context Device Profiling • Samsung SM-G900 • Android • “Jons-Galaxy” EMM/MDM • Personal owned • Registered • OS up-to-date • Hansen, Jon [Sales] • MDM enabled = true • In-compliance = true Identity Stores Enforcement Points • Hansen, Jon [Sales] • Title – COO • Dept – Executive office • City – London • Location – Bldg 10 • Floor – 3 • Bandwidth – 10Mbps Identity • Hansen, Jon [Sales] • COO, Executive Office • London • Personal Owned • Samsung SM-G900 • Android 4.4, Knox • MDM enabled = true • In-compliance = true • At Bldg 10, floor 3 • 21:22GMT, 21/12/14
  • 10. 10 CONFIDENTIAL © Copyright 2014. Aruba Networks, Inc. All rights reserved #AirheadsConf Context Sources • External: • Network Devices • Radius/TACACS • AD/LDAP • SAML/OAUTH2/Okta • Radius • Kerberos • Token Servers • SQL Databases • MDM Systems • Aruba Activate • HTTP • Internal: • Endpoint DB • Profiling information from: • DHCP • HTTP • SNMP • IOS Device Sensor • ActiveSync • OnGuard • Onboard • Insight DB • Session/State Information • Guest User/Device DB • Date/Time • LocalUser DB
  • 11. 11 CONFIDENTIAL © Copyright 2014. Aruba Networks, Inc. All rights reserved #AirheadsConf Context Examples
  • 12. Adaptive Trust: Leverage Context in Policy 12 CONFIDENTIAL © Copyright 2014. Aruba Networks, Inc. All rights reserved #AirheadsConf Decisions
  • 13. 13 CONFIDENTIAL © Copyright 2014. Aruba Networks, Inc. All rights reserved #AirheadsConf Adaptive Policy Driven by Context Corporate Tablet BYOD Tablet Authentication EAP-TLS SSID CORP-SECURE Authentication EAP-TLS SSID CORP-SECURE Internet Only Internet and Corporate Apps
  • 14. 14 CONFIDENTIAL © Copyright 2014. Aruba Networks, Inc. All rights reserved #AirheadsConf ClearPass Policy Model – AuthN vs AuthZ ClearPass Policy Manager AD/LDAP Guest Insight Endpoint Onboard Service Matching SQL MDM HTTP Authentication Authorization Role Mapping Enforcement Username = Bob Mac Address = XYZ SSID = Secure Location = Building 1 Request = Radius Response = Radius - Accept - Reject - Attributes Added Context: MDM Enrolled = True Device Type = iPad Owner = Bob Required Apps = True Active Sessions = 2 AD Group = Exec Corp Asset = True
  • 15. 15 CONFIDENTIAL © Copyright 2014. Aruba Networks, Inc. All rights reserved #AirheadsConf Role-Mapping • Role-Mapping used to filter collected contextual data into “tags” (roles) that can be used for enforcement conditions. • “Select All” vs “Select First” condition matching • Careful of the “AND” “OR” conditons • Available Options: • Radius/TACACS Attributes • Authentication Attributes • Authorization Attributes (from any source) • Certificate Attributes • Endpoint Attributes • Date/Time Attributes
  • 16. 16 CONFIDENTIAL © Copyright 2014. Aruba Networks, Inc. All rights reserved #AirheadsConf Sample Role Mapping Device Context Auth Context User Context Cert Context Onboard Context MDM Context
  • 17. 17 CONFIDENTIAL © Copyright 2014. Aruba Networks, Inc. All rights reserved #AirheadsConf Enforcement Policies • Condition based rules to determine which enforcement profile(s) to use. • Can signal multiple actions, more on that later. • Leverages “Roles” assigned during Role- Mapping. • Leverages “Posture” token assigned during posture check. • Typically a top down, “First Match” rule matching algorithm.
  • 18. 18 CONFIDENTIAL © Copyright 2014. Aruba Networks, Inc. All rights reserved #AirheadsConf Sample Enforcement Policy Using Roles for User and Device Using Roles and Posture Enforcement Policy
  • 19. 19 CONFIDENTIAL © Copyright 2014. Aruba Networks, Inc. All rights reserved #AirheadsConf Enforcement Profiles • Profiles are essentially the enforcement “actions” you want to signal based on the set conditions. • Multiple Types of Enforcement Profiles: • Radius • Radius CoA • SNMP • CLI • HTTP • Entity Update • OnGuard Agent • TACACS
  • 20. Adaptive Trust: Security, Operational, and User 20 CONFIDENTIAL © Copyright 2014. Aruba Networks, Inc. All rights reserved #AirheadsConf Experience Advantages
  • 21. 21 CONFIDENTIAL © Copyright 2014. Aruba Networks, Inc. All rights reserved #AirheadsConf Security Disconnect Who: Bob Group: Faculty Device: Personal iPad Location: Room 104 Time: 9am, Monday Compliance: Healthy VPN AAA/NAC DHCP/DNS AD/LDAP Network Applications Ticketing System Proxy/Filter Network Mgmt FW ? ? ? ? ?
  • 22. • User can’t connect to the 22 CONFIDENTIAL © Copyright 2014. Aruba Networks, Inc. All rights reserved #AirheadsConf User and Operational Disconnect VPN AAA/NAC DHCP/DNS AD/LDAP Network Applications Ticketing System Proxy/Filter Network Mgmt FW X X network • User application access is slow or disconnects • Where does the problem exist? • When do you know about the problem? • Where do you start? ? ? ? ? ? ? ? ? ? ? ?
  • 23. Time for a New Perimeter Defense Model 23 Firewalls CONFIDENTIAL © Copyright 2014. Aruba Networks, Inc. All rights reserved EMM/MDM #AirheadsConf Perimeter Defense IDS/IPS Mobility Defense Firewalls Access Policy Management IDS/IPS/AV Enforcement Points Physical A/V Web gateways Policy needed for central point of control
  • 24. 24 CONFIDENTIAL © Copyright 2014. Aruba Networks, Inc. All rights reserved #AirheadsConf Security and Usability Coordination VPN ClearPass DHCP/DNS AD/LDAP Network Applications Ticketing System Proxy/Filter Network Mgmt FW Who: Bob Group: Faculty Device: Personal iPad Location: Room 104 Time: 9am, Monday Compliance: Healthy Mac Address: X IP Address: Y Airgroup Permissions What if when the user connects: - Update the FW - Update the IPAM - Update the Proxy - Logon the application - Update the WLAN
  • 25. 25 CONFIDENTIAL © Copyright 2014. Aruba Networks, Inc. All rights reserved #AirheadsConf User Self Service VPN ClearPass DHCP/DNS AD/LDAP Network Applications Ticketing System Proxy/Filter Network Mgmt FW Self Service: - BYOD Portal - Device/Guest Registration - Device Access Management - Auto-Remediation - Notification Pages
  • 26. 26 CONFIDENTIAL © Copyright 2014. Aruba Networks, Inc. All rights reserved #AirheadsConf Operational Integration VPN ClearPass DHCP/DNS AD/LDAP Network Applications Ticketing System Proxy/Filter Network Mgmt FW - Auto Open Help Desk Ticket - Notify User - Integration into Network Management
  • 27. 27 CONFIDENTIAL © Copyright 2014. Aruba Networks, Inc. All rights reserved #AirheadsConf Integration Options • “Built In” Integration • MDM Actions • Palo Alto HIP Updates • Syslog • Splunk App • CEF/LEEF Support (Future) • Radius Proxy (future) • Inbound API • Web Pages: • OnGuard DA, OnBoard, Device/User Registration, Notification/Warning • “Build your own” Integration • ClearPass Exchange • REST/XML Based API
  • 28. Mitigating Risks using 3rd Party Integration 28 Syslog Messages CONFIDENTIAL © Copyright 2014. Aruba Networks, Inc. All rights reserved ClearPass denies access to device #AirheadsConf ClearPass Exchange Jail-broken device detected Helpdesk ticket auto generated Message to device auto generated 1. 3. 2. RESTful APIs Adaptive Trust Identity Jailbreak example
  • 29. 29 CONFIDENTIAL © Copyright 2014. Aruba Networks, Inc. All rights reserved #AirheadsConf Enforcement Example Radius Action to force notification page Send user SMS notification Update Palo Alto Firewall Open Help Desk Ticket Sound the alarm! Send Email to security team
  • 30. 30 CONFIDENTIAL © Copyright 2014. Aruba Networks, Inc. All rights reserved #AirheadsConf Dynamic Content based on Context • Device, User, and Posture context can be pulled into actions and web pages. • Leverages “NameSpace” variables in enforcement actions and web login pages.
  • 31. 31 CONFIDENTIAL © Copyright 2014. Aruba Networks, Inc. All rights reserved #AirheadsConf NameSpaces in ClearPass • Almost all of the “context” that is collected by ClearPass can be called up and used via dynamic “namespace” variables. • For example: • %{Endpoint:Model} • %{Radius:Aruba:Aruba-Location-Id} • %{Authentication:Full-Username} • These can be used in role mapping, enforcement profiles and policies, auth source filters/queries, etc in place of static variables. • When used, the value is replaced with information pertaining to that device or user dynamically
  • 32. 32 CONFIDENTIAL © Copyright 2014. Aruba Networks, Inc. All rights reserved #AirheadsConf Conclusion
  • 33. 33 CONFIDENTIAL © Copyright 2014. Aruba Networks, Inc. All rights reserved #AirheadsConf NameSpaces in ClearPass • Context is the foundation of ClearPass • More contextual sources than any other vendor! • Ability to share context with more vendors than our competitors! • Context provides for greater security, visibility, and flexibility to support ever-changing #GenMobile environment. • Please check out the “Secure Air” booth during your break for a demonstration of these principles in action!
  • 34. Thank You 34 #AirheadsConf CONFIDENTIAL © Copyright 2014. Aruba Networks, Inc. All rights reserved

Editor's Notes

  1. When endpoints were static, corporate controlled and well-known, we could live with static rules. Today’s mobile technology and the velocity of endpoint change makes this old-style of access enforcement ineffective. What’s needed is a policy solution as your foundation that includes RADIUS and TACACS, is built to handle a variety of operating systems, device types, identity stores, and provides the flexibility for how users work today – from anywhere, at any time. The same solution should also support guest access, profiling, and device configuration from a single pane of glass. IT can create, manage and monitor policies from a central entity with less complexity. The ability to leverage context and data from multiple identity stores, or auth methods is important as well. This lets IT treat IT-managed and personal devices differently and use more granular enforcement. Something that legacy AAA solutions do not support.
  2. While IT has busily deployed a number of physical and legacy software security mechanisms like Palo Alto , Juniper and others for protecting the perimeter, #GenMobile has completely diluted the notion of a fixed perimeter – it doesn’t exist in a mobile world where users connect and work from anywhere. To head off any risks, many enterprise IT organizations are resorting to extreme measures by adopting a zero-trust approach to security. Unfortunately, zero-trust treats everyone like potential adversaries. What’s needed is a policy solution that leverages user and device data to make smarter decisions based on each user’s mobility needs.
  3. As the centralized gatekeeper and contextual store for all user authentication and device profiling data, ClearPass constructs a composite identity for the user and device. This information is used for ClearPass’ own access decision making and is also shared with other network security systems in the enterprise. All network security components use consistent, authoritative data which makes your access story stronger.
  4. PAN COVERS THIS SLIDE New user habits, threats, and end-points require you to rethink how you protect your access layer. Best-of-breed but siloed security solutions like Palo Alto , MobileIron, and others for protecting the perimeter no longer cut it. #GenMobile has completely diluted the notion of a fixed perimeter – it doesn’t exist in a mobile world where users connect and work from anywhere. Your infrastructure needs to aware of the changes in the environment and adapt! To head off any risks, many enterprise IT organizations are resorting to extreme measures by adopting a zero-trust approach to security. Unfortunately, zero-trust treats everyone like potential adversaries. What’s needed is a policy solution that leverages user and device data to make smarter decisions based on each user’s mobility needs.
  5. ClearPass Exchange is the glue that makes everything work seamlessly and lets you customize new workflows. Using common-language representational state transfer (REST) APIs and data feeds like syslog, Context like user ID, device, location, and authentication state can be shared with 3rd party systems. No more complex scripting languages and tedious manual configurations. Let’s look at an example: User authentication attempt with jail broken device ClearPass quarantines device via RADIUS Using RESTful API, ClearPass automatically creates trouble ticket in ServiceNow including: User ID MAC address Device type Location Email sent to helpdesk staff